Netgear M4300-24X24F (XSM4348S) - Stackable Managed Switch with 48x10G including 24x10GBASE-T and 24xSFP+ Layer 3 Guia Do Administrador

e.  Click Add.

Configure the guest VLAN.

a. Select Security > Port Authentication > Advanced > Port Authentication. 

A screen similar to the following displays.

b.  Scroll down and select the port 1/0/1 and 1/0/24 check boxes. 

c.  In the Guest VLAN ID field, enter 2000.

d.  Click Apply to save your settings.

This feature allows the client to connect from any port and be assigned to the appropriate 
VLAN assigned by the RADIUS server. This gives flexibility for the clients to move around the 
network without requiring the administrator to do static VLAN configuration. When multiple 
hosts are connected to the switch on the same port, only one host uses authentication. If any 
VLAN information is applied on the port based on the authenticated host, the VLAN applies 
that information to all the hosts that are connected to that port. 

After a port is in an authorized state, if any client initiates dot1x authentication, the port 

clears authenticated clients’ states, and in the process clears the VLAN assigned to the 
port (if any). Then the port continues with the new client authentication and authorization 
process. 

When a client authenticates itself initially on the network, the switch acts as the 
authenticator to the clients on the network and forwards the authentication request to the 
RADIUS server in the network. 

For use in VLAN assignment, the following tunnel attributes are used:

Tunnel-Type = VLAN (13)

Tunnel-Medium-Type = 802

Tunnel-Private-Group-ID = VLANID where VLANID is 12 bits, with a value between 1 and 
4094.